mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-27 02:24:18 +00:00
8d1135d66a
not bumping codecov action due to dependency and security concerns
255 lines
7.7 KiB
YAML
255 lines
7.7 KiB
YAML
name: CI
|
|
|
|
on: [ push, pull_request ]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
lint-pr:
|
|
if: github.event_name == 'pull_request'
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: TrueBrain/actions-flake8@c2deca24d388aa5aedd6478332aa9df4600b5eac # v2.1
|
|
# mirrored at https://github.com/mitmproxy/mitmproxy/settings/actions
|
|
lint-local:
|
|
if: github.event_name == 'push'
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- run: pip install tox
|
|
- run: tox -e flake8
|
|
filename-matching:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- run: pip install tox
|
|
- run: tox -e filename_matching
|
|
mypy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- run: pip install tox
|
|
- run: tox -e mypy
|
|
individual-coverage:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
fetch-depth: 0
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- run: pip install tox
|
|
- run: tox -e individual_coverage
|
|
test:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- os: ubuntu-latest
|
|
py: '3.10.0-rc - 3.10'
|
|
- os: windows-latest
|
|
py: 3.9
|
|
- os: macos-latest
|
|
py: 3.9
|
|
- os: ubuntu-latest
|
|
py: 3.9
|
|
- os: ubuntu-latest
|
|
py: 3.8
|
|
runs-on: ${{ matrix.os }}
|
|
steps:
|
|
- run: printenv
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
fetch-depth: 0
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: ${{ matrix.py }}
|
|
- run: pip install tox
|
|
- run: tox -e py
|
|
- uses: codecov/codecov-action@a1ed4b322b4b38cb846afb5a0ebfa17086917d27
|
|
# mirrored below and at https://github.com/mitmproxy/mitmproxy/settings/actions
|
|
with:
|
|
file: ./coverage.xml
|
|
name: ${{ matrix.os }}
|
|
|
|
build:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- image: macos-10.15
|
|
platform: macos
|
|
- image: windows-2019
|
|
platform: windows
|
|
- image: ubuntu-18.04 # Old Ubuntu version for old glibc
|
|
platform: linux
|
|
runs-on: ${{ matrix.image }}
|
|
env:
|
|
CI_BUILD_WHEEL: ${{ matrix.platform == 'linux' }}
|
|
CI_BUILD_PYINSTALLER: 1
|
|
CI_BUILD_WININSTALLER: ${{ matrix.platform == 'windows' }}
|
|
CI_BUILD_KEY: ${{ secrets.CI_BUILD_KEY }}
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
fetch-depth: 0
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- if: matrix.platform == 'windows'
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: release/installbuilder/setup
|
|
key: installbuilder
|
|
- run: pip install -e .[dev]
|
|
- run: python release/cibuild.py build
|
|
# artifacts must have different names, see https://github.com/actions/upload-artifact/issues/24
|
|
- uses: actions/upload-artifact@v2
|
|
with:
|
|
name: binaries.${{ matrix.platform }}
|
|
path: release/dist
|
|
|
|
test-web-ui:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- run: git rev-parse --abbrev-ref HEAD
|
|
- uses: actions/setup-node@v2
|
|
with:
|
|
node-version: '14'
|
|
- name: Cache Node.js modules
|
|
uses: actions/cache@v2
|
|
with:
|
|
# npm cache files are stored in `~/.npm` on Linux/macOS
|
|
path: ~/.npm
|
|
key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
|
|
restore-keys: |
|
|
${{ runner.OS }}-node-
|
|
${{ runner.OS }}-
|
|
- working-directory: ./web
|
|
run: npm ci
|
|
- working-directory: ./web
|
|
run: npm test
|
|
- uses: codecov/codecov-action@a1ed4b322b4b38cb846afb5a0ebfa17086917d27
|
|
# mirrored above and at https://github.com/mitmproxy/mitmproxy/settings/actions
|
|
with:
|
|
file: ./web/coverage/coverage-final.json
|
|
name: web
|
|
|
|
docs:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- run: |
|
|
wget -q https://github.com/gohugoio/hugo/releases/download/v0.88.1/hugo_extended_0.88.1_Linux-64bit.deb
|
|
echo "865ab9a930e0a9e4957e7dbfdf91c32847324f022e33271b5661d5717600bc2b hugo_extended_0.88.1_Linux-64bit.deb" | sha256sum -c
|
|
sudo dpkg -i hugo*.deb
|
|
- run: pip install -e .[dev]
|
|
- run: ./docs/build.py
|
|
- uses: actions/upload-artifact@v2
|
|
with:
|
|
name: docs
|
|
path: docs/public
|
|
|
|
# Separate from everything else because slow.
|
|
build-and-deploy-docker:
|
|
if: github.repository == 'mitmproxy/mitmproxy' && (
|
|
github.ref == 'refs/heads/main' ||
|
|
github.ref == 'refs/heads/dockertest' ||
|
|
startsWith(github.ref, 'refs/tags/')
|
|
)
|
|
environment: deploy-docker
|
|
needs:
|
|
- test
|
|
- test-web-ui
|
|
- build
|
|
- docs
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
CI_BUILD_DOCKER: 1
|
|
DOCKER_USERNAME: mitmbot
|
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
name: binaries.linux
|
|
path: release/dist
|
|
- uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480 # v1.2.0
|
|
- uses: docker/setup-buildx-action@b1f1f719c7cd5364be7c82e366366da322d01f7c # v1.6.0
|
|
- run: pip install -e .[dev]
|
|
- run: python release/cibuild.py build
|
|
- run: python release/cibuild.py upload
|
|
|
|
deploy:
|
|
# This action has access to our AWS keys, so we are extra careful here.
|
|
# In particular, we don't blindly `pip install` anything to minimize the risk of supply chain attacks.
|
|
if: github.repository == 'mitmproxy/mitmproxy' && github.event_name == 'push'
|
|
environment: deploy
|
|
needs:
|
|
- test
|
|
- test-web-ui
|
|
- build
|
|
- docs
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
TWINE_USERNAME: mitmproxy
|
|
TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
|
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
AWS_DEFAULT_REGION: us-west-2
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
persist-credentials: false
|
|
- uses: actions/setup-python@v2
|
|
with:
|
|
python-version: '3.9'
|
|
- run: sudo apt-get update
|
|
- run: sudo apt-get install -y twine awscli
|
|
- uses: actions/download-artifact@v2
|
|
with:
|
|
path: release/dist
|
|
- run: mv release/dist/docs docs/public
|
|
# move artifacts from their subfolders into release/dist
|
|
- run: find release/dist -mindepth 2 -type f -exec mv {} release/dist \;
|
|
# and then delete the empty folders
|
|
- run: find release/dist -type d -empty -delete
|
|
- run: ls release/dist
|
|
- run: ./release/deploy.py
|